Home
Bugtraq
Full List
Only Bugs
Only Tricks
Only Exploits
Only Dorks
Only CVE
Only CWE
Fake Notes
Ranking
CVEMAP
Full List
Show Vendors
Show Products
CWE Dictionary
Check CVE Id
Check CWE Id
Search
Bugtraq
CVEMAP
By author
CVE Id
CWE Id
By vendors
By products
RSS
Bugtraq
CVEMAP
CVE Products
Bugs
Exploits
Dorks
More
cIFrex
Facebook
Twitter
Donate
About
Submit
CWE
:
Topic
Date
Author
Med.
WIN-911 7.17.00 Insecure File Permissions / Plaintext Password Storage
07.09.2016
sh4d0wman
High
Easy Hosting Control Panel 0.37.9 Bypass / File Upload / Disclosure
31.03.2016
Kyle Lovett
High
Western Digital My Net Password Disclosure
02.08.2013
K Lovett
CVEMAP Search Results
CVE
Details
Description
2024-04-25
CVE-2024-3622
Updating...
A flaw was found when using mirror-registry to install Quay. It uses a default secret, which is stored in plain-text format in one of the configuration template files. This issue may lead to all instances of Quay deployed using mirror-registry to have the same secret key. This flaw allows a malicious actor to craft session cookies and as a consequence, it may lead to gaining access to the affected Quay instance.
CVE-2024-3623
Updating...
A flaw was found when using mirror-registry to install Quay. It uses a default database secret key, which is stored in plain-text format in one of the configuration template files. This issue may lead to all instances of Quay deployed using mirror-registry to have the same database secret key. This flaw allows a malicious actor to access sensitive information from Quay's database.
CVE-2024-3624
Updating...
A flaw was found in how Quay's database is stored in plain-text in mirror-registry on the jinja's config.yaml file. This flaw allows a malicious actor with access to this file to gain access to Quay's database.
CVE-2024-3625
Updating...
A flaw was found in Quay, where Quay's database is stored in plain text in mirror-registry on Jinja's config.yaml file. This issue leaves the possibility of a malicious actor with access to this file to gain access to Quay's Redis instance.
2024-04-03
CVE-2024-28782
Updating...
IBM QRadar Suite Software 1.10.12.0 through 1.10.18.0 and IBM Cloud Pak for Security 1.10.0.0 through 1.10.11.0 stores user credentials in plain clear text which can be read by an authenticated user. IBM X-Force ID: 285698.
2024-03-26
CVE-2024-25138
Updating...
In AutomationDirect C-MORE EA9 HMI, credentials used by the platform are stored as plain text on the device.
2024-02-08
CVE-2023-6518
Updating...
Plaintext Storage of a Password vulnerability in Mia Technology Inc. MIA-MED allows Read Sensitive Strings Within an Executable.This issue affects MIA-MED: before 1.0.7.
2023-10-25
CVE-2023-42493
Updating...
EisBaer Scada - CWE-256: Plaintext Storage of a Password
2023-09-18
CVE-2023-39452
Updating...
** UNSUPPPORTED WHEN ASSIGNED ** The web application that owns the device clearly stores the credentials within the user management section. Obtaining this information can be done remotely due to the incorrect management of the sessions in the web application.
2023-09-15
CVE-2023-4984
Updating...
A vulnerability was found in didi KnowSearch 0.3.2/0.3.1.2. It has been rated as problematic. This issue affects some unknown processing of the file /api/es/admin/v3/security/user/1. The manipulation leads to unprotected storage of credentials. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-239795.
Copyright
2024
, cxsecurity.com
Back to Top